<?php include('login_validation.php'); ?>

<?php include('functions.php'); $bgcolor = "#229CBA"; ?>

<?php

	function isValidPassConfirm($password, $confirm, $errors) {
		if (strlen($password) == 0) {
			array_push($errors, "The password cannot be empty");
		}
		
		if (strlen($confirm) == 0) {
			array_push($errors, "The confirm password cannot be empty");
		}
		
		if (strlen($confirm) != 0 && strlen($password) != 0 && $password != $confirm) {
			array_push($errors, "The confirm password and password must match");
		}
		
		return $errors;
		
	}

	function userExists($user) {
		$user = obtenerListado("select * from user where USER_NAME = '" . $user . "'");
		return mysql_num_rows($user) == 1;
	}

	$errors = array();


	$password = getValor('PASSWORD');
	$confirm = getValor('CONFIRM');

	if (getValor('updatePass') == "updatePass") {

		$errors = isValidPassConfirm($password, $confirm, $errors);

		if (sizeof($errors) == 0) {

			$updateSQL = sprintf("UPDATE user SET PASS=%s WHERE USER_NAME=%s",
						   GetSQLValueString($_POST['PASSWORD'], "text"),
						   GetSQLValueString($_POST['USER_NAME'], "int"));
			
			executeUpdateQuery($updateSQL);
			
			$success = "The user has been successfully updated!";
			
		}
	
	}

	if (getValor('addUser') == "addUser") {
	
		$user = getValor('USER_NAME');
		
		if (strlen($user) == 0) {
			array_push($errors, "The username cannot be empty");
		} else if (userExists($user)){
			array_push($errors, "The username already exists");		
		}
	
		$errors = isValidPassConfirm($password, $confirm, $errors);

		if (sizeof($errors) == 0) {

			$insertSQL = sprintf("INSERT INTO user (USER_NAME, PASS) VALUES (%s, %s)",
						   GetSQLValueString($user, "text"),
						   GetSQLValueString($password, "text"));

			executeUpdateQuery($insertSQL);

			$success = "The user has been successfully added!";

		}
	
	}

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

	<title>CONGRESS ADMIN - LIST ABSTRACTS</title>

	<link href="style.css" rel="stylesheet" type="text/css" media="screen" />
	<link href="accordion/style.css" rel="stylesheet" type="text/css" media="screen" />

	<script type="text/javascript" src="tinymce/jscripts/tiny_mce/tiny_mce.js"></script>

	<script src="accordion/accordian.pack.js" language="javascript" type="text/javascript">
	</script>

	<script src="ajax_functions.js" language="javascript" type="text/javascript">
	</script>
	
	<style>
		body {
			padding: 0px;
			margin: 0px;
		}
		
		.bodybg {
			background: <?php echo $bgcolor; ?>
			filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='<?php echo $bgcolor; ?>', endColorstr='#FFFFFF');
			background: -webkit-gradient(linear, left top, left bottom, from(<?php echo $bgcolor; ?>), to(#FFFFFF));
			background: -moz-linear-gradient(top,  <?php echo $bgcolor ?>,  #FFFFFF);
			width:100%;
			height: 600px;
		}
	</style>

	<script type="text/javascript" src="jscolor/jscolor.js"></script>
	<script type="text/javascript" src="tiny_mice.js"></script>
</head>

<body>

	<div align="center" class="bodybg">

		<?php include('admin_header.php'); ?>

		<?php include('admin_menu.php'); ?>

	    <div id="basic-accordian" style="background-color: white;">


			<?php if (isset($success)) { include('success.php'); } ?>
			<?php if(sizeof($errors) != 0) { include('errors.php'); } ?>

			<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
				<input type="hidden" name="updatePass" value="updatePass" />
				<table width="100%" cellpadding="5" cellspacing="0">
				
					<tr>
						<td colspan="2" style="background-color: #92BF59;">
							RESET ADMIN LOGIN
						</td>
					</tr>
					<tr>
						<td>
							Username
						</td>
						<td>
							<select name="USER_NAME">
								
								<?php
									echo "antes";
									$users = obtenerListado("SELECT * FROM user");
									echo "despues";
									while ($theuser = mysql_fetch_array($users)) { 
								?>
								
									<option <?php if (getValor('USER_NAME') == $theuser['USER_NAME']) { echo "selected='selected'"; } ?> >
										<?php echo $theuser['USER_NAME']; ?>
									</option>	
								<?php
									}
								?>
								
							</select>
						</td>
					</tr>
					<tr>
						<td>
							Password
						</td>
						<td>
							<input type="password" name="PASSWORD" />
						</td>
					</tr>
					<tr>
						<td>
							Confirm Password
						</td>
						<td>
							<input type="password" name="CONFIRM" />
						</td>
					</tr>
					<tr>
						<td>&nbsp;</td>
						<td>
							<input type="submit" value="Save" style="width:200px;" />
						</td>
					</tr>
				</table>
			</form>
			
			<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
				<input type="hidden" name="addUser" value="addUser" />
				<table width="100%" cellpadding="5" cellspacing="0">
				
					<tr>
						<td colspan="2" style="background-color: #92BF59;">
							ADD NEW USER
						</td>
					</tr>
					<tr>
						<td>
							Username
						</td>
						<td>
							<input type="text" name="USER_NAME" value="<?php if (getValor('addUser') != "") { echo getValor('USER_NAME'); } ?>" />
						</td>
					</tr>
					<tr>
						<td>
							Password
						</td>
						<td>
							<input type="password" name="PASSWORD" />
						</td>
					</tr>
					<tr>
						<td>
							Confirm Password
						</td>
						<td>
							<input type="password" name="CONFIRM" />
						</td>
					</tr>
					<tr>
						<td>&nbsp;</td>
						<td>
							<input type="submit" value="Save" style="width:200px;" />
						</td>
					</tr>
				</table>
			</form>
			
	    </div>
		
	</div>

</body>
</html>
